2024 IT Audit Program 101 & Information Security Risk Assessment 101
Details
May 2, 2024 - Homewood Suites, Salina
115 E Mulberry St
Salina, KS 67401
Program Agenda
Registration - 8:30 a.m.
Program - 9:00 a.m. - 3:30 p.m.
Lunch - 12:00 p.m. - 1:00 p.m.
Program Content
Having a comprehensive IT audit program is imperative and an essential part of your overall information security program, not to mention a regulatory requirement no matter your size. A well-planned and structured audit program that evaluates the risk management program and processes, internal controls, and policies and procedures is required to meet regulatory compliance. The IT Audit and Audit Program has been and will continue to be a hot spot with the examiners.
Regardless of whether you have an internal IT audit performed or outsource it, you need to know what the regulatory expectations and requirements are.
Risk assessments are an essential element of overall risk management and provide the basis for many of your policies, plans, and programs, like your information security program, audit program, and business continuity plan. The risk assessment mandated by GLBA in 2000 was initially thought to be oriented to IT, thus the requirement for an IT Risk Assessment; after all, it is the IT examiners that are evaluating it. However, today the focus has shifted to an enterprise-wide information security risk assessment that encompasses the entire organization, where IT is a key component. Needless to say, the change in nomenclature and focus has created some confusion, and because the regulators do not prescribe any specific format, only content, many organizations are finding their assessments criticized during their exams and audits. A properly structured enterprise-wide information security risk assessment will not only help you focus your resources and budget dollars where they are needed, but also provide the basis for your information security program and audit program. The right approach will also get you off to a running start on your business continuity risk assessment.
This presentation will provide an approach for developing an enterprise-wide information security risk assessment and a framework that can be adapted to the other numerous risk assessments now required.
Presented by
Susan Orr - Leading Financial Services Expert
Susan Orr is a leading financial services expert with vast regulatory, risk management, and security best practice knowledge and expertise. As a consultant, Susan is dedicated to assisting financial institutions in implementing appropriate policies and controls to protect confidential information and comply with regulatory mandates and best practices.
Who Should Attend
Internal/external auditors, compliance officers, IT security officers, operations officers and others
Pricing
KBA Members: $275 per person
Non-KBA Members: $550 per person
*Please add $100 if registering after April 22.
*Cancellations must be received by April 29, 2024.
*Any transmission, retransmission or republishing of the audio or video portion of the seminar is strictly prohibited.